Open code423n4 opened 2 years ago
Labeled as disagree with severity because we think this is a 0 - Non-critical finding since we don't see any negative impact functionally from the issue, but we do acknowledge that we should switch to a non-deprecated function.
Agree, this just sounds like best practice.
Handle
byterocket
Vulnerability details
Impact
The
_setupRole
function in OpenZeppelin'sAccessControl
contract is marked as deprecated in favor of_grantRole
. See here.Following contracts use the deprecated
_setupRole
in their constructor:Recommended Mitigation Steps
Refactor the contracts constructor's to use
_grantRole
instead of_setupRole
.